Edge/TMG/FPE and certificate (Network Steve Forum)

Edge/TMG/FPE and certificate

Hi, One server with Edge/TMG/FPE on DMZ, and one with Exchange 2010 HUB/CAS/MBX. 1. Should the server in DMZ be a member of the domain? I know that the Edge shouldn’t but some people say that’s recommended if the edge is on the same server as the TMG. 2. I have no internal CA, if I buy a certificate from verisign do I have to install a certificate on both servers?

April 28th, 2011 4:32am

1. No 2. You need external CA for Edge and one other CA for HUB/CAS.Anil

Free Windows Admin Tool Kit Click here and download it now

April 28th, 2011 11:39am

Hi -RdO-, 1, please don't add the server to be a member of domain. 2, you need to buy a certificate which includes multiple SANs and install it on the Exchange HUB/CAS/MBX, then export it and import it to the Edge/TMG/FPE. Frank wang TechNet Subscriber Support in forum If you have any feedback on our support, please contact tngfb@microsoft.com Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

April 29th, 2011 3:20am

Free Windows Admin Tool Kit Click here and download it now

April 29th, 2011 4:12am

Hi, 1- Edge Role must not be part of your domain! This is by design 2- You can easily use the MMC console to export the Certificate from certificate folder of your exchange server then using the MMC console on your Edge/TMG server to import the certificate Best regardsBest Regards Don't forget to mark it as answer if it helps

April 29th, 2011 6:25am

This topic is archived. No further replies will be accepted.